Salesforce as a SAML Identity Provider
To add Salesforce as a SAML 2.0 external integration, you must create a connected app with SAML configuration in the Salesforce organization to enable trust with the service provider (Conga Auth Service). After creating the app, you need external_organization_id, Metadata Location URL, and Organization ID Claim Type details.
To set up Salesforce as a SAML identity provider, enable your organization as an identity provider and integrate your service provider as a connected app.
You must complete the following settings in this order:
Enable Salesforce as an identity provider
Enable the single sign-on (SSO) setting
Create a SAML-enabled connected app and provide access to users
To enable the identity provider setting
Log in to Salesforce.
Go to Setup, then search and select Identity Provider.
Click Enable Identity Provider.
Select the self-signed certificate from the dropdown menu.
Click Save.
To enable the single sign-on setting
Log in to Salesforce.
Go to Setup, then search and select Single Sign-On Settings.
Click Edit.
Check the SAML Enabled checkbox.
Click Save.
To create a SAML-enabled connected app
Log in to Salesforce.
Go to Setup, then search and select App Manager.
Click New Connected App.
Enter the following details in the Basic Information section:
Field: Description
Connected App Name: Enter the connected app’s name, which displays in the App Manager.
API Name: The API name is generated automatically based on the name of the Connected App.
Contact Email: Enter the email address of the administrator managing the Connected App.
Fill in the following details in the Web App Settings section. Leave the other fields as is.
Field: Description
Enable SAML: Select the Enable SAML checkbox.
Entity Id: The globally unique ID of the service provider. Enter the following URL per your environment:
Specify email address as the format attribute sent in SAML messages.
Signing Algorithm for SAML Messages: Select the SHA256 option.
Click Save.
Open the connected app that is created for the SAML identity provider.
Click Edit Policies.
Go to the Custom Attributes section and add a custom attribute with external_organization_id as the attribute key and the organization ID as the attribute value.
Click Save.
Go to the User Accounts section and add a user account.
Go to the Profiles and Permission Sets sections and add profiles and permission sets to provide connected app access to Salesforce users.
With setup complete, you must get the information needed to configure an external integration.
To get the external_organization_id and Metadata Location URL details
Log in to Salesforce.
Go to Setup, then search and select Manage Connected Apps.
Open the connected app that is created for the SAML identity provider.
Go to the Custom Attributes section and make sure the custom attribute is created with the external_organization_id as an attribute key and the organization ID as an attribute value.